Many circuit developers utilize third-party fabricators or foundries to manufacture integrated circuit chips or systems implementing their circuit designs. The lack of direct control over the manufacturing of the chips or systems, however, can lead to various manufacturing-related vulnerabilities, such as unauthorized alteration of the circuit designs, unauthorized reuse or dissemination of circuit designs, unauthorized (over)production of chips or systems implementing the circuit designs, or the like. Some circuit developers attempt to combat these manufacturing-related vulnerabilities by maintaining a physical presence, i.e., stationing personnel, at the manufacturing facility, retrieving masks after production, etc. While these attempts can reduce some of the manufacturing-related vulnerabilities, it is often impractical for many circuit developers due cost and cooperation by the fabricators.
In addition to misappropriation of circuit designs or their corresponding manufactured chips or systems, other vulnerabilities, such as distribution channel piracy, exist. For example, third-party distributors can sell cheaper parts mislabeled as premium parts. Since some circuit developers contractually retain distribution rights for their chips or systems, possibly with a requirement to return chips or systems back to the circuit developers before being resold, the unauthorized resale of old chips or systems by third-party distributors, for example, by unsoldering them from a prior system and then reselling them as new or even as an updated model without abiding their contractual obligations.
Some circuit developers have been experimenting with techniques to secure chips or systems implementing the circuit designs from authorized distribution, for example, by including security circuitry capable of locking the chips or systems until they receive a particular key. Since unauthorized knowledge of the particular key can defeat the security circuitry regardless of whether a user was authorized to use an individual chip or system, circuit developers have developed several techniques to have each chip or system implement a circuit design that response to a non-universal key, which preferably can be unique or near-unique. One solution has the chips or systems including a write-once memory capable of population with a unique or near-unique key, which can be accessible by the security circuitry. Since tools, such as electron microscopes, can read content of write-once memories, however, this solution fails to provide key anonymity, allowing copies of the chips or systems to be made with a compromised key.
Another effort to effectuate key anonymity, while retaining a hardware-based security measure, incorporates a physical uncloneable function (PUF) within their security circuitry, which may provide a unique (or near unique) key based on subtle manufacturing variations in the PUF. For example, since cells in a static random-access memory (SRAM) device can each have different initial states, i.e., set to 0 or 1, depending on manufacturing variations in their respective bi-stable latching circuitry, reading the initial value from a set of the cells from the SRAM device can provide a key to security circuitry. Thus, even though the third-party fabricator or foundry utilized the same manufacturing technique to generate multiple chips or systems implementing the same circuit design, each of the multiple chips or systems can have security circuitry that generates a quasi-unique key to unlock the functionality of the chip or system.
Unfortunately, since most PUFs rely on subtle manufacturing variations for their distinctiveness, they are often sensitive to change or alteration based on operating environment, such as temperature, operating voltage or current, etc, or vulnerable to device or feature breakdown over time. Once a PUF has been changed or altered, the PUF outputs a different key, which can cause the security circuitry to erroneously lock the chip or system from operating.